CLAIMS 



1 . A method for approving a security change for a file security system that 
5 secures electronic files, said method comprising: 

receiving a requested security change from a requestor; 

identifying a plurality of approvers to approve or disapprove of the requested 
security change; 

notifying the approvers of an approval request for the requested security 
10 change; 

determining whether the requested security change is approved based on 
responses from the approvers to the approval request; and 

performing the requested security change when said determining determines 
that the requested security change has been approved. 

15 

2. A method as recited in claim 1 , wherein said notifying of the approvers is 
achieved by electronic mail. 

3. A method as recited in claim 2, wherein the responses from the approval 
20 group are provided as electronic mail. 

4. A method as recited in claim 1 , wherein no one of the plurality of approvers 
can individually approve the requested security change. 

25 5. A method as recited in claim 1 , wherein the plurality of approvers are 
arranged as a set or group. 
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6. A method as recited in claim 1 , wherein the plurality of approvers are 
arranged in a plurality of sets or groups, and 

wherein said determining requires approval from more than one of the 
plurality of sets or groups in order to determine that the requested security change is 
5 approved. 

7. A method as recited in claim 6, wherein the plurality of sets or groups are 
arranged in a hierarchy, and wherein progression to a next level in the hierarchy 
requires approval from the set or group associated with a current level. 

10 

8. A method as recited in claim 1 , wherein the plurality of approvers are users of 
the file security system. 

9. A method as recited in claim 1 , wherein the plurality of approvers form a set of 
15 approvers, and 

wherein said determining determines that the requested security change is 
approved when a subset of the set of approvers approve the requested security 
change. 

20 10. A method as recited in claim 1 , wherein the plurality of approvers identified by 
said identifying is dependent on the requested security change. 

11. A method as recited in claim 1 , wherein the plurality of approvers identified by 
said identifying is dependent on the requestor. 

25 

12. A method as recited in claim 1 , wherein said notifying operates to 
substantially simultaneously notify all of the approvers of the approval request for the 
requested security change. 



SSL1P023/SS-43 



Page 20 



13. A method as recited in claim 1 , wherein said notifying operates to 
substantially concurrently notify all of the approvers of the approval request for the 
requested security change. 

5 14. A method as recited in claim 1 , wherein the electronic files secured by the file 
security system are electronic documents. 

15. A file security system that restricts access to secured electronic documents, 
said file security system comprising: 

io an access server that restricts access to the secured electronic documents; 

and 

an approval manager operatively connected to said access server, said 
approval manager operates a security change approval process to determine 
whether a requested security change is approved. 

15 

16. A file security system as recited in claim 15, wherein said file security system 
has one or more system administrators, and wherein said approval manager 
operates the security change approval process without any interaction from the one 
or more system administrators. 

20 

17. A file security system as recited in claim 15, wherein, in operating the security 
change approval process, a plurality of approvers are notified of the requested 
security change and asked to approve or disapprove the requested security change. 

25 18. A file security system as recited in claim 17, wherein the plurality of approvers 
are notified by notification electronic mail messages. 
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19. A file security system as recited in claim 18, wherein the plurality of approvers 
approve or disapprove the requested security change using reply electronic mail 
messages. 

5 20. A file security system as recited in claim 19, wherein the reply electronic mail 
messages include a digital signature of the associated approver to verify authenticity. 

21. A file security system as recited in claim 17, wherein no one of the approvers 
can individually approve the requested security change. 

10 

22. A file security system as recited in claim 1 7, wherein the plurality of approvers 
are arranged as a set or group. 

23. A file security system as recited in claim 17, wherein the plurality of approvers 
15 are arranged into a plurality of sets or groups, and * 

wherein said approval manager requires approval from more than one of the 
plurality of sets or groups in order to determine that the requested security change is 
approved. 

20 24. A file security system as recited in claim 1 7, wherein the plurality of sets or 
groups are arranged in a hierarchy, and wherein progression to a next level in the 
hierarchy requires approval from the set or group associated with a current level. 

25. A file security system as recited in claim 17, wherein the approvers are users 
25 of the file security system. 

26. A file security system as recited in claim 17, wherein the plurality of approvers 
form a set of approvers, and 
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wherein said approval manager determines that the requested security 
change is approved when a subset of the set of approvers approve the requested 
security change. 

5 27. A file security system as recited in claim 1 7, wherein said approval manager 
identifies the plurality of approvers dependent on the requested security change. 

28. A file security system as recited in claim 17, wherein said approval manager 
identifies the plurality of approvers dependent on the requestor. 

10 

29. A file security system as recited in claim 15, wherein said file security system 
further comprises: 

a key store operatively connected to said access server, said key store stores 
cryptographic keys used to gain access to the secured electronic documents. 

15 

30. A computer readable medium including at least computer program code for 
approving a security change for a file security system that secures electronic files, 
said computer readable medium comprising: 

computer program code for notifying a plurality of approvers of an approval 
20 request for the requested security change; 

computer program code for determining whether the requested security 
change is approved based on responses from the approvers to the approval request; 
and 

computer program code for performing the requested security change when 
25 said determining determines that the requested security change has been approved. 

31 . A computer readable medium as recited in claim 30, wherein said notifying of 
the approvers is achieved by electronic mail. 
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32. A computer readable medium as recited in claim 31 , wherein the responses 
from the approval group are electronic mail. 

33. A computer readable medium as recited in claim 30, wherein no one of the 
5 plurality of approvers can individually approve the requested security change. 
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